X-Git-Url: http://git.shiar.net/minimedit.git/blobdiff_plain/7213175b8391e8f47f54096fada4fdc33d82b8a1..af5d5f4037aabc493afa60a5394ab3f8f6134917:/widget/contact.php

diff --git a/widget/contact.php b/widget/contact.php
index b505375..a4fccda 100644
--- a/widget/contact.php
+++ b/widget/contact.php
@@ -2,8 +2,12 @@
 $error = NULL;
 if ($_POST) {
 	global $User;
-	if ($User) {
+	if ($User->login) {
 		$_REQUEST['login'] = $User->login;
+		$_REQUEST['email'] = $_REQUEST['email'] ?: $User->email;
+	}
+	else {
+		unset($_REQUEST['login']);
 	}
 	$error = mailform($_REQUEST);
 	if (!empty($error)) {
@@ -46,7 +50,7 @@ switch ($source) {
 	}
 }
 
-	$reply = preg_match('/\A\w+@\w+\.[a-z]+\z/', @$input['email'])
+	$reply = preg_match('/\A[^\s\'@]{1,64}@[.a-zA-Z0-9-]{4,63}\z/', @$input['email'])
 		? $input['email'] : "noreply@$domain";
 	$header = "From: $reply";
 
@@ -54,7 +58,7 @@ switch ($source) {
 		'X-Accept-Language' => 'HTTP_ACCEPT_LANGUAGE',
 		'User-Agent'        => 'HTTP_USER_AGENT',
 	) as $mailhdr => $serverhdr) {
-		if (!$_SERVER[$serverhdr]) continue;
+		if (empty($_SERVER[$serverhdr])) continue;
 		$header .= "\r\n$mailhdr: ".$_SERVER[$serverhdr];
 	}